[OAUTH-WG] Authentication Method Reference Values is now RFC 8176

Mike Jones <Michael.Jones@microsoft.com> Sat, 17 June 2017 00:50 UTC

Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2B77F124C27 for <oauth@ietfa.amsl.com>; Fri, 16 Jun 2017 17:50:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.927
X-Spam-Level:
X-Spam-Status: No, score=-1.927 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, HTML_OBFUSCATE_10_20=0.093, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QIE4jjrhlPK6 for <oauth@ietfa.amsl.com>; Fri, 16 Jun 2017 17:50:44 -0700 (PDT)
Received: from NAM02-CY1-obe.outbound.protection.outlook.com (mail-cys01nam02on0118.outbound.protection.outlook.com [104.47.37.118]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 87C69120454 for <oauth@ietf.org>; Fri, 16 Jun 2017 17:50:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=vZkHFMP5yf7YKTcLPdqBBcbBb2a047XDIrx9RNN4tmY=; b=QWgAZpmUZaZ/FSEtfBDtFB7FHS5daY+obLHliIFj+Nom+zznPljf+NGVnE3bDoDT3BHTWnGSbFwbHW/lTxIrqHYCcjfVL2oyGBl3EiCUKsi/MNJKaQ+voXVr5RX4ReE1+ElHkNaBrQydeVnSzof7Bytx16kA5e1roO/bM5LHPCs=
Received: from CY4PR21MB0504.namprd21.prod.outlook.com (10.172.122.14) by CY4PR21MB0630.namprd21.prod.outlook.com (10.175.115.20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1199.3; Sat, 17 Jun 2017 00:50:43 +0000
Received: from CY4PR21MB0504.namprd21.prod.outlook.com ([10.172.122.14]) by CY4PR21MB0504.namprd21.prod.outlook.com ([10.172.122.14]) with mapi id 15.01.1199.007; Sat, 17 Jun 2017 00:50:43 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: Authentication Method Reference Values is now RFC 8176
Thread-Index: AdLm/SQFxEk7tkh9S16dsit8Wi5rwg==
Date: Sat, 17 Jun 2017 00:50:42 +0000
Message-ID: <CY4PR21MB0504ED00B9D8A5381A19AE0EF5C60@CY4PR21MB0504.namprd21.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=True; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Ref=https://api.informationprotection.azure.com/api/72f988bf-86f1-41af-91ab-2d7cd011db47; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetBy=mbj@microsoft.com; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2017-06-16T17:50:41.5533635-07:00; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=General; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Application=Microsoft Azure Information Protection; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Extended_MSFT_Method=Automatic; Sensitivity=General
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=microsoft.com;
x-originating-ip: [2001:4898:80e8:b::3fc]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; CY4PR21MB0630; 7:5vMRIepUXzZPWcFjb1JC96nVZVmtANPTkMFVuPCeyWHTu5sU6eRlzRvJU1lZqclQTPia8XYzk0QkioFUzg/vWTZtS2Ban2RYELxuWuKSFhpz4r+uKilrkrK8qUv1RnMVIXvaXak5A0AjTAsjqHFYj+EtJnZXP0gejQ4KEY0OLVpgaXSMHH0AA9C1G5tKPt+1XHdr7llcprQkndqqFA2iGNl5Pfb+LoY+dhMPg5LpvNjLMrKfCm7qrEfUe1II7hMpc9EGytCSz2rmX4SOIa1yGuTTppgaWWwzadLWH8k5yVIP0vGZBdYEe4ujCz+dTWhvXmpsMRIlrrDFJ82edP89aBIBdsd0HCV/F2DGT4E7ZmfircK/3SHsk96ZCau0zp+BfulXUblg7wmQdj+vKKduCI4y3Wa+WL9R6XpF/NNw1wWbv3mpxXV2Xc8Q6owD4qFam/4LDhW3fOHlAYmeO3HANdxzDcGe9C+07xAUQBQHEJlFrwSpTQPfSAXeyI2FhCqndfS1rGCOmaOYZ4NmSFYZRfL6SzPQ/6iAOjPh/lYd0IUfNcNauVOeqv365BFjwC8P2fMLg9jTkd6xddJ8AZyY760FmqOX24w8p7e6r7LLa3SyfE5+7xxQTxahpD4koHmu3ntNZklv85CpZ3/IGlD0nOlmUeMncz+oTg6EVr2rKIu3PSKMwIJxrefwXDBIdToAMvsfP5CjKrFJ6p6uelL4llYK1UIZtQhFuhmpF8uD4als/kHmluE94XMxnnlizsINxRrcZXZFiquNgZnvKANErNhurFKernj57Em5OIr0jwhsRWJuHZJ1yVdkYkh3Ga1I
x-ms-office365-filtering-correlation-id: 4421097d-ef69-480a-92f9-08d4b51ae1ec
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500041)(300135000095)(300000501041)(300135300095)(22001)(300000502041)(300135100095)(2017030254075)(300000503041)(300135400095)(48565401081)(201703131423075)(201703031133081)(201702281549075)(300000504041)(300135200095)(300000505041)(300135600095)(300000506037)(300135500095); SRVR:CY4PR21MB0630;
x-ms-traffictypediagnostic: CY4PR21MB0630:
x-microsoft-antispam-prvs: <CY4PR21MB06301A3B20CF8A8DBD82C51EF5C60@CY4PR21MB0630.namprd21.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(31418570063057)(21748063052155)(1591387915157);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(61425038)(6040450)(601004)(2401047)(8121501046)(5005006)(3002001)(100000703101)(100105400095)(10201501046)(93006095)(93001095)(6055026)(61426038)(61427038)(6041248)(20161123555025)(20161123558100)(20161123560025)(20161123564025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123562025)(6072148)(100000704101)(100105200095)(100000705101)(100105500095); SRVR:CY4PR21MB0630; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:CY4PR21MB0630;
x-forefront-prvs: 034119E4F6
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39860400002)(39840400002)(39450400003)(39850400002)(39400400002)(39410400002)(209900001)(3660700001)(77096006)(7696004)(86612001)(5005710100001)(86362001)(81166006)(6916009)(8676002)(8990500004)(10090500001)(6506006)(122556002)(478600001)(189998001)(1730700003)(8936002)(606005)(2906002)(33656002)(54356999)(50986999)(5660300001)(7906003)(72206003)(551544002)(2351001)(7736002)(6436002)(74316002)(2900100001)(14454004)(9686003)(99286003)(102836003)(6116002)(53936002)(110136004)(54896002)(55016002)(236005)(966005)(3280700002)(38730400002)(10290500003)(6306002)(25786009)(5630700001)(53376002)(790700001)(5640700003)(2501003)(6606295002); DIR:OUT; SFP:1102; SCL:1; SRVR:CY4PR21MB0630; H:CY4PR21MB0504.namprd21.prod.outlook.com; FPR:; SPF:None; MLV:ovrnspm; PTR:InfoNoRecords; LANG:en;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_CY4PR21MB0504ED00B9D8A5381A19AE0EF5C60CY4PR21MB0504namp_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Jun 2017 00:50:42.8606 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR21MB0630
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/QgcfAjqnkiU-swUYuU60z3GPnys>
Subject: [OAUTH-WG] Authentication Method Reference Values is now RFC 8176
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 17 Jun 2017 00:50:47 -0000

The Authentication Method Reference Values specification is now RFC 8176<https://www.rfc-editor.org/rfc/rfc8176.txt>.  The abstract describes the specification as:

The amr (Authentication Methods References) claim is defined and registered in the IANA "JSON Web Token Claims" registry, but no standard Authentication Method Reference values are currently defined. This specification establishes a registry for Authentication Method Reference values and defines an initial set of Authentication Method Reference values.

The specification defines and registers some Authentication Method Reference values such as the following, which are already in use by some Google and Microsoft products and OpenID specifications:

  *   "face" - Facial recognition
  *   "fpt" - Fingerprint
  *   "hwk" - Proof-of-possession of a hardware-secured key
  *   "otp" - One-time password
  *   "pin" - Personal Identification Number
  *   "pwd" - Password
  *   "swk" - Proof-of-possession of a software-secured key
  *   "sms" - Confirmation using SMS
  *   "user" - User presence test
  *   "wia" - Windows Integrated Authentication
See https://www.iana.org/assignments/authentication-method-reference-values/ for the full list of registered values.

Thanks to Caleb Baker, Phil Hunt, Tony Nadalin, and William Denniss, all of whom substantially contributed to the specification.  Thanks also to the OAuth working group members, chairs, area directors, and other IETF members who helped refine the specification.

                                                                -- Mike

P.S.  This announcement was also posted at http://self-issued.info/?p=1701 and as @selfissued<https://twitter.com/selfissued>.